scholarly journals Building a Malware Detection System Based on a Machine Learning Method

2020 ◽  
Vol 9 (5) ◽  
pp. 1488-1493
Keyword(s):  
Machine Learning ◽  
Supervised Classification ◽  
Detection System ◽  
Malware Detection ◽  
Machine Learning Method ◽  
Clustering Methods ◽  
Unusual Behavior ◽  
Static And Dynamic Analysis ◽  
Malicious Behavior ◽  
Abnormal Behaviors

Malware attacks are dangerous and difficult to detect and prevent. Therefore, the task of detecting signs of malware and alerting it for users or the system is very necessary today. One of the most effective malware detection approaches is applying machine learning or deep learning to analyze its behavior. There have been many studies and recommendations to analyze malicious behavior then combined with some sorting or clustering methods to find their signs. In this paper, we will propose a method to use machine learning to detect malicious signs based on their unusual behavior. Accordingly, in our research, we will conduct malicious analysis using static and dynamic analysis methods to detect abnormal behaviors and combine them with a supervised classification algorithm to the conclusion on malware behavior.

scholarly journals An Efficient DenseNet-Based Deep Learning Model for Malware Detection

Entropy ◽  
2021 ◽  
Vol 23 (3) ◽  
pp. 344
Author(s):  
Jeyaprakash Hemalatha ◽  
S. Abijah Roseline ◽  
Subbiah Geetha ◽  
Seifedine Kadry ◽  
Robertas Damaševičius
Keyword(s):  
Deep Learning ◽  
Detection System ◽  
Malware Detection ◽  
Class Imbalance ◽  
Learning Model ◽  
Computational Time ◽  
Learning Approaches ◽  
Security Threat ◽  
Static And Dynamic Analysis ◽  
Deep Learning Model

Recently, there has been a huge rise in malware growth, which creates a significant security threat to organizations and individuals. Despite the incessant efforts of cybersecurity research to defend against malware threats, malware developers discover new ways to evade these defense techniques. Traditional static and dynamic analysis methods are ineffective in identifying new malware and pose high overhead in terms of memory and time. Typical machine learning approaches that train a classifier based on handcrafted features are also not sufficiently potent against these evasive techniques and require more efforts due to feature-engineering. Recent malware detectors indicate performance degradation due to class imbalance in malware datasets. To resolve these challenges, this work adopts a visualization-based method, where malware binaries are depicted as two-dimensional images and classified by a deep learning model. We propose an efficient malware detection system based on deep learning. The system uses a reweighted class-balanced loss function in the final classification layer of the DenseNet model to achieve significant performance improvements in classifying malware by handling imbalanced data issues. Comprehensive experiments performed on four benchmark malware datasets show that the proposed approach can detect new malware samples with higher accuracy (98.23% for the Malimg dataset, 98.46% for the BIG 2015 dataset, 98.21% for the MaleVis dataset, and 89.48% for the unseen Malicia dataset) and reduced false-positive rates when compared with conventional malware mitigation techniques while maintaining low computational time. The proposed malware detection solution is also reliable and effective against obfuscation attacks.

scholarly journals An API Semantics-Aware Malware Detection Method Based on Deep Learning

2019 ◽  
Vol 2019 ◽  
pp. 1-9 ◽  
Author(s):  
Xin Ma ◽  
Shize Guo ◽  
Wei Bai ◽  
Jun Chen ◽  
Shiming Xia ◽  
...  
Keyword(s):  
Machine Learning ◽  
Detection Method ◽  
Malware Detection ◽  
Poor Performance ◽  
Detection Methods ◽  
Interference Detection ◽  
Machine Learning Method ◽  
Accuracy Rate ◽  
Malware Classification ◽  
Self Protection

The explosive growth of malware variants poses a continuously and deeply evolving challenge to information security. Traditional malware detection methods require a lot of manpower. However, machine learning has played an important role on malware classification and detection, and it is easily spoofed by malware disguising to be benign software by employing self-protection techniques, which leads to poor performance for existing techniques based on the machine learning method. In this paper, we analyze the local maliciousness about malware and implement an anti-interference detection framework based on API fragments, which uses the LSTM model to classify API fragments and employs ensemble learning to determine the final result of the entire API sequence. We present our experimental results on Ali-Tianchi contest API databases. By comparing with the experiments of some common methods, it is proved that our method based on local maliciousness has better performance, which is a higher accuracy rate of 0.9734.

scholarly journals MALGRA: Machine Learning and N-Gram Malware Feature Extraction and Detection System

Electronics ◽  
2020 ◽  
Vol 9 (11) ◽  
pp. 1777
Author(s):  
Muhammad Ali ◽  
Stavros Shiaeles ◽  
Gueltoum Bendiab ◽  
Bogdan Ghita
Keyword(s):  
Machine Learning ◽  
Learning Algorithm ◽  
Detection System ◽  
Malware Detection ◽  
Machine Learning Algorithms ◽  
Supervised Machine Learning ◽  
Detection Methods ◽  
Normal Operation ◽  
Analysis Technique ◽  
N Gram

Detection and mitigation of modern malware are critical for the normal operation of an organisation. Traditional defence mechanisms are becoming increasingly ineffective due to the techniques used by attackers such as code obfuscation, metamorphism, and polymorphism, which strengthen the resilience of malware. In this context, the development of adaptive, more effective malware detection methods has been identified as an urgent requirement for protecting the IT infrastructure against such threats, and for ensuring security. In this paper, we investigate an alternative method for malware detection that is based on N-grams and machine learning. We use a dynamic analysis technique to extract an Indicator of Compromise (IOC) for malicious files, which are represented using N-grams. The paper also proposes TF-IDF as a novel alternative used to identify the most significant N-grams features for training a machine learning algorithm. Finally, the paper evaluates the proposed technique using various supervised machine-learning algorithms. The results show that Logistic Regression, with a score of 98.4%, provides the best classification accuracy when compared to the other classifiers used.

scholarly journals Malware: The Never-Ending Arm Race

2021 ◽  
pp. 1-25
Author(s):  
Hector David Menendez
Keyword(s):  
Machine Learning ◽  
Dynamic Analysis ◽  
Detection System ◽  
Vice President ◽  
Historical Background ◽  
Malicious Software ◽  
Static And Dynamic Analysis ◽  
Analysis Techniques ◽  
Single Strategy ◽  
New Strategies

"Antivirus is death"' and probably every detection system that focuses on a single strategy for indicators of compromise. This famous quote that Brian Dye --Symantec's senior vice president-- stated in 2014 is the best representation of the current situation with malware detection and mitigation. Concealment strategies evolved significantly during the last years, not just like the classical ones based on polimorphic and metamorphic methodologies, which killed the signature-based detection that antiviruses use, but also the capabilities to fileless malware, i.e. malware only resident in volatile memory that makes every disk analysis senseless. This review provides a historical background of different concealment strategies introduced to protect malicious --and not necessarily malicious-- software from different detection or analysis techniques. It will cover binary, static and dynamic analysis, and also new strategies based on machine learning from both perspectives, the attackers and the defenders.

Sign in / Sign up

Export Citation Format

Share Document